Extracted

• • Target

    b00f464887495e459e78844316971f0a_JaffaCakes118

  • Size

    143KB

  • MD5

    b00f464887495e459e78844316971f0a

  • SHA1

    ade3a522e63aec9daccef6406b5167cb4d57bb9b

  • SHA256

    53594d0db0a280c64e03a6bb4322748307546a20500228b2a17e52251c77c61e

  • SHA512

    3d0aa291172dd490481fbb5d94d1f0c06674067d582018ebbda76ca3eb9105ac3ef712b347699d50de4f232e186d6b196963e9f6fcbf1e83e94b830980c3f842

  • SSDEEP

    3072:Ff8wNOO5/bHoUYmxF44UkbZEvoAlJjlwLljpx2sFx6+fJ:Fn5dn4rkWg6Jjlib2saiJ

  Score

  10^/10

  metasploitbackdoordiscoveryevasiontrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Modifies firewall policy service

    evasion

  • Windows security bypass

    evasiontrojan

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • Windows security modification

    evasiontrojan

  • Drops file in System32 directory

  behavioral1behavioral2